One-Click Release Management
If we structured our VCS to encompass a branching scheme that mirrors our various statuses in the BTS, we likely would end up with a BRANCH to which developers add new, untested changes and a TRUNK that includes only code that is “in production”, although it easily could be the other way around. It then becomes a relatively simple matter of using the branch merging capabilities of the VCS to move “ready for production” code from the testing BRANCH to the stable TRUNK. Because no development changes happen on our TRUNK, merging from BRANCH to TRUNK is not likely to cause any conflicts. Managing the last step of moving the code from the VCS to the live system becomes even easier, because updating simply is a matter of using the VCS client utility to pull down all changes that occurred on the TRUNK of the repository.
So now all the pieces are there to allow quick and accurate code deployment, but we still need to ask our sysadmin to run the VCS client tools on the live system. We further can minimize our demands on the sysadmin's time, however, if he or she is willing to give our release manager an SSH login with permission to run the VCS client on the live system.
Once we've got the infrastructure in place to support performing content updates by way of our VCS, the next logical step is to remove further the need for manual intervention at release time. It now is possible for us to create a script that can use the VCS client tools to pull code updates to a live system. This method increases its usefulness as the number of machines we need to update increases. If our script has access to a list of all the target machines that need to be updated, we can hit them all in one fell swoop.
This piece of the puzzle, like the example, can be a simple script that the release manager runs from the command line of his workstation. Or, it can be a fancy Web-based GUI that a team of release managers can use to update any number of machines from any Web browser with a mouse click. In either case, it is useful to create a user ID on the client machines that has permissions to connect back to the VCS system without being prompted for login information. This may require configuring the user account on the client machines with SSH keys that allow it to connect back to the VCS server.
Listing 1. vcs_update.py
#!/usr/bin/env python import os, sys clientList = ['host1', 'host2', 'host3'] sandbox = "/usr/local/www" def updateClient(client, sandbox): # ssh to client machines and update sandbox command_line = "ssh %s svn update %s"%(client, sandbox) output = os.popen4(command_line).readlines() for line in output: print line if __name__=="__main__": for client in clientList: updateCLient(client, sandbox)
With this script in place on the client machines, we can update client copies of VCS files from a central location over an encrypted SSH connection.
Now we have a reasonably efficient process that piggybacks almost seamlessly onto a process that our developers were, for the most part, already using. It also allows content updates with the click of a button. So what's stopping us from scripting the updates to the testing servers so that they happen automatically at regular intervals, allowing developers the chance to see their changes show up on a live test system without asking for an update? All we need to do is run the client script on the testing servers as a cron job.
Also, as long as we're asking crazy questions, why not take advantage of the power of our BTS's database back end to drive the whole process and really cut down on process management bottlenecks? To do so, our script generates a list of files that need to be merged between branches by running a query for all IDs with a status of “ready for production”. The script uses the resulting lists as input for functions that perform the merge commands and update the BTS ID statuses to “in production” automatically.
Listing 2. bts_merge.py
#!/usr/bin/env python import os, MySQLdb TRUNK_WC = "/path/to/working_copy_of_trunk/" TRUNK_URL = "svn+ssh://vcs-server/project/trunk/" BRANCH_URL = "svn+ssh://vcs-server/project/branch/" def initDB(): # connect to database, return connection cursor connection = MySQLdb.connect(host='dbhost', db='dbname', user='user', passwd='password') cursor = connection.cursor() return connection, cursor def listUpdatedFiles(cursor): # return updated file paths and BTS ids. cursor.execute("""SELECT changedfiles FROM BugTable WHERE status = 'ready for production'""") fileList = cursor.fetchall() cursor.execute("""SELECT bugID FROM BugTable WHERE status = 'ready_for_production'""") idList = cursor.fetchall() return fileList, idList def mergeUpdatedFiles(fileList): # merge branch changes into the trunk. for fileName in fileList: cmd = 'svn merge %s/%s %s/%s'%(BRANCH_URL, fileName, TRUNK_URL, fileName) for line in os.popen4(cmd).readlines(): print line def updateBTSStatus(idList, cursor): # update BTS ids to 'in_production' status. for ID in idList: cursor.execute("""UPDATE BugTable SET status = 'in_production' WHERE bugID = %s""" % ID) def stopDB(connection, cursor): # close the database connection cursor.close() connection.close() if __name__=="__main__": os.chdir(TRUNK_WC) connection, cursor = initDB() fileList, idList = listUpdatedFiles(cursor) mergeUpdatedFiles(fileList) updateBTSStatus(idList, cursor) stopDB(connection, cursor)
Let's look at our amended 10,000-foot overview now that we've got all the bells and whistles incorporated:
An issue is generated in the BTS and assigned to the appropriate developer.
The assignee developer makes changes to his local copy of the source code, checks these changes into the TEST branch of the VCS repository and updates the status in the BTS.
The testing server content is updated automatically by a cron job.
A QA tester verifies that the changes to the code are correct and updates the status in the BTS.
A release manager presses a button to launch our merge script, which merges all changes into the stable TRUNK and updates the BTS.
One last click by the release manager, and the production systems are updated to the latest code by way of our VCS client script.
Steps 5 and 6 easily could be combined too, thereby halving the amount of work our release manager needs to perform.
Chances are at some point we'll want to add a staging branch to our VCS repository and enable our content update system to pull updates from this intermediate branch onto a staging server. QA then could see all the changes on a live system before the client does. Or, the client could be given access in order to provide final approval. Once staging has been given the thumbs up, moving updates to a production system is as easy as performing the already automated steps of merging from the staging branch to the stable TRUNK and running the content update script against the production servers.
Although these examples represent something of an oversimplification of the issues involved—for example, we haven't addressed the potential need for database structure updates—we have covered some core concepts that can be expanded on to build a truly functional, tailor-made system. In fact, we well may be approaching development process nirvana, and we still haven't spent dollar one on software licenses. Rather, we've simply written a few basic scripts to glue together our bug-tracking and version control systems. As a result, management now has more money in the reserve fund and fewer heart palpitations. Our sysadmins have more time to devote to removing spyware from desktops. Best of all, we've made it home for that round of Scrabble with time to spare. That's the power of open source for you.
Resources for this article: /article/8141.
|Where's That Pesky Hidden Word?||Aug 28, 2015|
|A Project to Guarantee Better Security for Open-Source Projects||Aug 27, 2015|
|Concerning Containers' Connections: on Docker Networking||Aug 26, 2015|
|My Network Go-Bag||Aug 24, 2015|
|Doing Astronomy with Python||Aug 19, 2015|
|Build a “Virtual SuperComputer” with Process Virtualization||Aug 18, 2015|
- Concerning Containers' Connections: on Docker Networking
- Problems with Ubuntu's Software Center and How Canonical Plans to Fix Them
- Where's That Pesky Hidden Word?
- A Project to Guarantee Better Security for Open-Source Projects
- Firefox Security Exploit Targets Linux Users and Web Developers
- My Network Go-Bag
- Doing Astronomy with Python
- Build a “Virtual SuperComputer” with Process Virtualization
- Three More Lessons
- diff -u: What's New in Kernel Development